720-891-1663

Are 1-Time Passcodes a Corporate Liability?

No. Not really. Are bad 1-time passcodes a corporate liability? Yes, but bad anything is a liability. In the wake of the Twilio breach, my buddy Brian Krebs posted an item titled “How 1-Time Passcodes Became a Corporate Liability”. In one sense, he is right because most companies chose the easiest one 1-time passcode to […]

Continue reading → [DISPLAY_ACURAX_ICONS]

AI Detecting Gun Scanners at Schools has been a “Clusterf***”

Schools are legitimately trying to figure out ways to keep students safe from gun and other violence. Unfortunately, there are no simple ways to do this. Some schools are trying to use AI to solve the problem, but the reality that schools are experiencing using this technology is, apparently, quite different from what is represented […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Security News Update for the Week Ending August 26, 2022

Mozilla Says 18 of 25 Pregnancy Apps: Privacy Not Included Out of the 25 “reproductive health” apps and wearable devices, 18 received a “privacy not included” rating. That means that they have a problem protecting their user’s privacy. In today’s world that data could be used by private bounty hunters in states that offer that […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Why Vendor Cyber Risk Management is CRITICAL

The hackers that breached outsource customer communications vendor Twilio earlier this month didn’t just compromise encrypted communications app vendor Signal. In fact, they compromised more than 130 companies and 10,000 employees. Why? because Twilio is a vendor to all of these companies and these companies trusted Twilio. And, apparently, Twilio’s security practices were not good […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Lloyd’s of London to Exclude State-Sponsored Attacks from Cyber Insurance Policies

Starting in March 2023, Lloyd’s will REQUIRE all its agents to exclude liability for losses from state sponsored cyberattacks. The problem is defining what is a state sponsored attack. In a bulletin to its producers last week, Lloyd’s says that it remains strongly supportive of its agents writing cyber policies, it is concerned that the […]

Continue reading → [DISPLAY_ACURAX_ICONS]